US007263716B1
`
`(12)
`
`United States Patent
`Gulick
`
`(10) Patent N0.:
`(45) Date of Patent:
`
`US 7,263,716 B1
`Aug. 28, 2007
`
`(54) REMOTE MANAGEMENT MECHANISM TO
`PREVENT ILLEGAL SYSTEM COMMANDS
`
`5,978,912 A * 11/1999 Rakavy et a1. ............... .. 713/2
`6,223,284 B1 *
`4/2001 Novoa et a1. ....... ..
`.. 713/100
`
`(75) Inventor; Dale E, Gulick, Austin, TX (Us)
`
`Assigneej Advanced Micro Devices, Inc,’ AqJstins
`TX (Us)
`
`( * ) Notice:
`
`Subject to any disclaimer, the tenn Qfthjs
`patent is extended or adjusted under 35
`U.S.C. 154(1)) by 1006 days.
`
`(21) Appl. N0.: 10/066,948
`
`.
`(22) Flled:
`
`Feb' 4’ 2002
`
`.
`.
`Related US. Application Data
`(63) Continuation-in-part of application No. 10/033,142,
`?led on Nov. 1, 2001, and a continuation-in-part of
`application No. 10/005,648, ?led on Dec. 3, 2001.
`
`(51) Int CL
`(200601)
`H04L 9/32
`(200601)
`G06F 9/00
`726/3_ 713/2_ 713/151
`(52) U 5 Cl
`’
`’
`_'
`'
`' """" """ "I """""" "
`(58) Field of Classi?cation Search .............. .. 713/200;
`_
`_
`_
`714/55
`See apphcanon ?le for Complete Search hlstory'
`References Cited
`
`(56)
`
`U.S. PATENT DOCUMENTS
`
`6,263,431 B1* 7/2001 Lovelace et al. . . . . .
`. . . . .. 713/2
`6,282,642 B1 *
`8/2001 Cromer et a1. ............... .. 713/2
`6,438,711 B2 *
`8/2002 Woodruif ................... .. 714/27
`6,618,810 B1 *
`9/2003 Dirie .............. ..
`.. 713/201
`2003/0037231 A1* 2/2003 Goodman et al.
`.... .. 713/2
`2004/0117609 A1* 6/2004 Stalker et al. ............... .. 713/2
`2005/0071619 A1* 3/2005 Chu et a1. .................... .. 713/2
`2005/0149924 A1* 7/2005 Komarla et al. .......... .. 717/176
`
`* Cited by examiner
`
`Primar ExamineriKambiZ Zand
`Assislaiil ExamineriThomas M. SZymanski
`(74) Attorney, Agent, or FirmiWilliams, Morgan &
`Amerson, RC‘
`
`(57)
`
`ABSTRACT
`
`An integrated circuit, a computer system,‘ and a method ‘for
`author1Z1ng RMCP requests. The method mcludes rece1v1ng
`a request for a system action and initiating a timer. The
`method also mcludes generatmg an author1Zat1on request for
`the system action and evaluating a result of the authorization
`request for the System actionifreceived before an expiration
`of the timer. The method also includes granting the request
`for the system action if the expiration of the timer occurs
`before the result of the authorization request for the system
`action is received.
`
`5,675,800 A * 10/1997 Fisher et a1. ................. .. 713/2
`
`28 Claims, 15 Drawing Sheets
`
`RECEIVE REQUEST FOR A SYSTEM RESET w
`
`K 800
`
`1
`
`CHECK FOR WATCHDOG TIMER EXPIRATION @
`
`// K 830
`
`\ NO
`/
`
`ABORT SYSTEM RESET
`m
`
`§\
`
`TIMER
`EXPIRED?
`
`YES
`
`'
`
`i
`
`PERFORM SYSTEM RESET @530
`
`Lenovo
`Ex. 1038 - Page 1
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 1 0f 15
`
`US 7,263,716 B1
`
`PROCESSOR
`m
`
`K 100
`
`MEMORY
`E?
`
`NORTH BRIDGE
`M
`
`AGP
`£5
`
`PC]
`/ 110
`k
`SMBUS
`115
`
`IDE @
`114 \
`*————
`SOUTH BRIDGE
`112
`‘_____ _
`
`LPC BUS
`118
`
`USB /
`116
`
`1; PCI
`‘\
`C‘ONNECTOR
`1“
`
`N10
`E
`
`‘
`'
`
`SUPER
`HO
`120
`
`BIOS
`E
`
`Fig. 1A
`(Prior Art)
`
`Lenovo
`Ex. 1038 - Page 2
`
`

`

`U.S. Patent
`
`BATTERY
`113
`
`Aug. 28, 2007
`
`Sheet 2 of 15
`
`US 7,263,716 B1
`
`SOUTH BRIDGE
`112
`| RTCBATTERYWELLI25
`
`eeeeeeses.
`
`|
`
`|
`l
`
`CLOCKCIRCUIT
`128
`
`RTC RAM 126
`
`CLOCK DATA
`
`CHECKSUM
`DATA 127
`
`CMOS RAM 126
`
`SBRAM 126
`
`CPU
`INTERFACE
`132
`
`POWER/SYSTEM
`MANAGEMENT
`133
`
`BUS
`INTERFACE
`LOGICS
`134
`
`Fig. 1B
`(Prior Art)
`
`Lenovo
`
`Ex. 1038 - Page 3
`
`Lenovo
`Ex. 1038 - Page 3
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 3 0f 15
`
`US 7,263,716 B1
`
`SOUTH BRIDGE
`M
`
`PCI
`
`110 \
`
`SMBus
`/ 115
`
`MOTHERBOARD Q1
`
`SENSOR
`103A
`
`———
`
`SENSOR
`103B
`
`MICRO
`CONTROLLER
`11g
`
`ETHERNET
`E5.
`
`PC‘
`
`A
`
`ASF NIC lgg
`
`CONNECTOR
`111
`
`V
`REMOTE
`MANAGEMENT
`SERVER
`Q
`
`Fig. 1C
`(Prior Art)
`
`Lenovo
`Ex. 1038 - Page 4
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 4 0f 15
`
`US 7,263,716 B1
`
`/135
`POWER SUPPLY INITIALIZATION POWER SUPPLY GENERATES A POWER
`GOOD SIGNAL TO THE NORTH BRIDGE 1_?@
`I
`UPON RECEIVING THE POWER GOOD SIGNAL, THE SOUTH BRIDGE STOPS
`‘ASSERTING THE RESET SIGNAL FOR THE PROCESSOR @
`I
`THE PROCESSOR READS THE DEFAULT JUMP LOCATION, USUALLY AT
`FFFFOh @
`I
`THE PROCESSOR JUMPS TO THE BIOS CODE LOCATION IN THE ROM BIOS,
`COPIES THE BIOS CODE TO RAM, AND BEGINS PROCESSING BIOS CODE
`INSTRUCTIONS FROM RAM @
`I
`BIOS CODE PERFORMS POWER ON SELF TEST (POST) £15
`I
`BIOS CODE LOOKS FOR ADDITIONAL BIOS CODE, SUCH AS VIDEO @ COOOh
`AND ATA/IDE HARD DRIVE BIOS CODE @ C800h, AND DISPLAYS A START-UP
`INFORMATION SCREEN ??
`
`I
`BIOS CODE PERFORMS ADDITIONAL SYSTEM TESTS, SUCH AS THE RAM
`COUNT-UP TEST, AND SYSTEM INVENTORY, SUCH AS IDENTIFYING COM
`AND LPT PORTS AND INITIALIZING THE ASF NIC E
`
`BIOS CODE IDENTIFIES PLUG-N-PLAY AND OTHER SIMILAR DEVICES AND
`DISPLAYS A SUMMARY SCREEN j5_0
`
`V
`
`BIOS CODE IDENTIFIES THE BOOT LOCATION £32
`I
`510s CODE CALLS THE BOOT SECTOR CODE TO BOOT THE COMPUTER
`SYSTEM @4
`Fig. 2
`(Prior Art)
`
`Lenovo
`Ex. 1038 - Page 5
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 5 0f 15
`
`US 7,263,716 B1
`
`PROCESSOR
`E
`
`/ 200A
`
`!
`\
`
`MEMORY
`E
`
`NORTH BRIDGE
`215
`
`AGP
`E
`
`PCI
`210
`’/
`\
`SMBus
`215
`
`IDE @
`214 \
`<_—— ASF
`SOUTH BRIDGE
`<——- m
`USB /‘
`216
`
`; PC!
`‘\CONNECTOR
`211
`
`LPC BUS
`21s\
`
`4,
`
`T
`SUPER EXTENDED
`v0
`BIOS
`2_29
`E
`
`CRYPTO
`PROCESSOR
`21
`
`L
`
`T
`
`-
`
`PROTECTED
`STORAGE
`
`Lenovo
`Ex. 1038 - Page 6
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 6 6f 15
`
`US 7,263,716 B1
`
`PROCESSOR
`@
`
`K 2005
`
`MEMORY
`2%
`
`NORTH BRIDGE
`.20_4
`
`AGP
`2%
`
`PCI
`/ 210
`\
`SMBUS
`215
`
`lDE @
`214 \
`¢———— ASF
`SOUTH BRIDGE
`<————
`22
`USB /
`216
`
`: PCI
`‘\OONNEOTOR
`NIC
`211
`@
`
`LPC BUS
`218\
`
`E
`
`SUPER EXTENDED?
`|/O
`BIOS
`2L0
`2;
`
`CRYPTO
`PROCESSOR
`22A
`
`Fig. 3B
`
`PROTECTED
`STORAGE
`gg
`
`Lenovo
`Ex. 1038 - Page 7
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 7 0f 15
`
`US 7,263,716 B1
`
`INTERNAL
`SB
`BUS 302
`— l
`
`INTERNAL
`BUS
`
`Rx BUFFER
`32
`
`M"
`ETHERNET I‘
`E / PHy
`'-
`£3
`
`INTERFACE
`Q?
`
`TX BUFFER
`@
`
`REGISTER
`@
`
`F
`
`L
`
`I
`‘
`{I
`E
`ASF TX BUFFER ASF RX BUFFER‘
`g I @
`
`MEMORY
`g
`
`1
`LPC
`BRIDGE
`gag
`
`W
`SOUTH
`BRIDGE
`REGISTER
`@
`
`l
`‘ MCA/D BUST
`I
`I SoUTI-I
`RMCP ‘
`322
`BRIDGE
`SET
`REGISTER
`CMD
`BRIDGE
`g
`5%
`i"
`|—————' SMI REQ
`ASF CONFIG
`REG'STER E
`_ REGISTER 5g;
`
`MC
`29
`
`“ I
`
`T
`215
`
`WDT
`m
`
`WW INT
`REGISTER g;
`
`CPU-MC DATA EXCHANGE
`REGISTER g4
`
`SCI INT REQ
`<____ ACPI INTERFACE
`3E
`
`INT
`
`ASiF STATUS
`‘NT
`REQ<_____ REGISTER 3_1§
`
`I
`I
`
`Fi 4
`g
`
`Lenovo
`Ex. 1038 - Page 8
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 8 0f 15
`
`US 7,263,716 B1
`
`l- — _ _ — _ _ — _ — _ _ — — — _ _ _ ‘I
`
`ASF SOUTH BRIDGE
`H
`RTC BATTERY WELL@
`
`|
`l
`I I
`:
`I
`|
`____ _ _|
`I
`l
`:
`:
`|
`I
`
`BATTERY
`?i
`
`CLOCK CIRCUIT
`E
`
`ASF
`STATUS
`REGISTER
`m
`ASF
`ENABLE
`REGISTER
`2.52
`
`I
`I
`I
`RTC RAM 2268
`— |
`CLOCK DATA
`:
`2_22
`I
`|
`|
`I
`I
`:
`CMOS RAM 226A
`— :
`I
`'
`
`CHECKSUM
`DATA 2y
`
`SB RAM gag
`
`|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|
`
`CPU
`INTERFACE
`E
`
`POWER/SYSTEM
`MANAGEMENT
`E
`
`BUS
`INTERFACE
`LOGIC
`CIRCUITS
`&
`
`Lenovo
`Ex. 1038 - Page 9
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 9 0f 15
`
`US 7,263,716 B1
`
`/ 400
`
`THE PROCESSOR JUMPS TO THE BIOS CODE LOCATION IN THE ROIvI BIOS,
`COPIES THE BIOS CODE TO RAIvI, AND PROCESSES THE BIOS CODE
`INSTRUCTIONS FROM RAM, INCLUDING CHECKING FOR THE PRESENCE OF
`AN ASF NIC @
`
`l K 410
`
`MSF NW
`
`v
`
`\\PRESENT?
`
`\/
`
`i
`
`ASF SOUTH BRIDGE CONFIGURED
`AS A SLAVE TO THE ASF NIC 4_1_5
`
`ASF SOUTH BRIDGE CONFIGURED
`AS AN ASF MASTER @
`
`V
`
`V
`
`BIOS CODE PERFORMS POWER ON SELF TEST (POST) 4_2§
`I,
`BIOS CODE LOOKS FOR ADDITIONAL BIOS CODE AT LOCATIONS OTHER
`THAN THE BIOS ROM AND DISPLAYS A START-UP INFORMATION SCREEN
`4_32
`I
`BIOS CODE PERFORMS ADDITIONAL sYsTEIvI TESTS, SUCH AS THE RAM
`COUNT-UP TEsT, AND SYSTEM INVENTORY, SUCH AS IDENTIFYING COM
`AND LPT PORTS 5g
`
`BIOS CODE IDENTIFIES PLUG-N-PLAY AND OTHER SIMILAR DEVICES AND
`DISPLAYS A SUMMARY SCREEN @
`
`BIOS CODE IDENTIFIES THE BOOT LOCATION @
`
`V
`
`Lenovo
`Ex. 1038 - Page 10
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 10 0f 15
`
`US 7,263,716 B1
`
`ASF SOUTH BRIDGE IN SLAVE MODE RESPONDS TO REQUESTS FROM THE
`ASF NIC FOR INTERNAL SENSOR STATUS 5%
`
`/ 500
`
`ASF SOUTH BRIDGE IN SLAVE MODE RESPONDS TO SMBUS POLLS FROM
`THE ASF NIC m
`
`Fig. 7A
`
`/ 600
`
`ASF SOUTH BRIDGE IN MASTER MODE ACTIVELY POLLS EXTERNAL
`SENSORS COUPLED TO THE SMBUS Q5
`
`ASF SOUTH BRIDGE IN MASTER MODE ACTIVELY POLLS INTERNAL
`SENSORS _€_51_0
`
`ASF SOUTH BRIDGE IN MASTER MODE GENERATES INTERRUPTS AND
`RESPONDS TO INTERRUPTS @
`
`V
`
`I
`
`ASF SOUTH BRIDGE IN MASTER MODE REPORTS INTERNAL AND EXTERNAL
`SENSOR STATES TO THE REMOTE MANAGEMENT SERVER §_2_0
`Fig. 7B
`
`Lenovo
`Ex. 1038 - Page 11
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 11 0f 15
`
`US 7,263,716 B1
`
`SYSTEM ENTERS A NEW STATE _71_0
`
`/ 700A
`
`V
`
`,
`
`SYSTEM RESETS THE WATCHDOG TIMER E
`
`EXPIRED?
`
`YES
`
`NOTIFY MICROCONTROLLER THAT WATCHDOG TIMER HAS
`EXPIRED m
`
`EVALUATE CURRENT SYSTEM STATE 1Q
`
`NO
`
`SYSTEM
`ERROR?
`
`MICROCONTROLLER RESPONDS TO SYSTEM ERROR m
`
`Fig. 8A
`
`Lenovo
`Ex. 1038 - Page 12
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 12 0f 15
`
`US 7,263,716 B1
`
`/ 7008
`
`UPDATE STATUS REGISTER Z1_5
`
`V
`
`RESET THE WATCHDOG TIMER E
`
`EXPIRED?
`
`YES
`
`NOTIFY MICROCONTROLLER THAT WATCHDOG TIMER HAS
`EXPIRED @
`
`MICROCONTROLLER READS STATUS REGISTER EQ
`
`NO
`
`SYSTEM
`ERROR?
`
`MICROCONTROLLER NOTIFIES A REMOTE MANAGEMENT
`CONSOLE OVER THE NEWTWORK E '
`
`Fig. 8B
`
`Lenovo
`Ex. 1038 - Page 13
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 13 0f 15
`
`US 7,263,716 B1
`
`RECEIVE REQUEST FOR A SYSTEM RESET m
`
`CHECK FOR WATCHDOG TIMER EXPIRATION @
`
`\\\ {830
`\
`ABORT SYSTEM RESET
`WATCHDOG \\ NO
`TIMER
`>——>
`EXPIRED? /
`\\ /
`YES
`
`g9
`
`PERFORM SYSTEM RESET Qf?
`
`Fig. 9
`
`Lenovo
`Ex. 1038 - Page 14
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 14 0f 15
`
`US 7,263,716 B1
`
`RMCP SET CMD j?
`
`WATCHDOG TIMER CHECK
`ENTRY w
`
`LOCK ENTRY E
`
`ASP CONFIG
`REGISTER @
`
`LOCK REGISTER'COMMAND
`ENTRY M
`
`Fig. 1 0
`
`Fig. 11
`
`Lenovo
`Ex. 1038 - Page 15
`
`

`

`U.S. Patent
`
`Aug. 28, 2007
`
`Sheet 15 0f 15
`
`US 7,263,716 B1
`
`K1100
`
`RECEIVE RMCP REQUEST 11
`
`INITIATE SECURITY TIMER j12_0
`
`GENERATE SMI REQUEST FOR AUTHORIZATION TO PERFORM
`RMCP REQUEST @
`
`EVALUATE RESULT OF SMI REQUEST AND SECURITY TIMER
`VALUE 1140
`
`SECURITY
`REQUIREMENTS MET?
`
`REFUSE RMCP REQUEST
`1160
`
`V
`
`PERFORM RMCP REQUEST ?7_0
`
`Fig. 12
`
`Lenovo
`Ex. 1038 - Page 16
`
`

`

`US 7,263,716 B1
`
`1
`REMOTE MANAGEMENT MECHANISM TO
`PREVENT ILLEGAL SYSTEM COMMANDS
`
`PRIORITY DATA
`
`This application is a continuation-in-part of US. patent
`application Ser. 10/045,117, ?led on Nov. 1, 2001, entitled,
`“Microcomputer Bridge for Remote Manageability,” and
`Whose inventor is Dale E. Gulick.
`This application is also a continuation-in-part of US.
`patent application Ser. No. 10/033,142, ?led on Nov. 1,
`2001, entitled, “Microcomputer Bridge Architecture With an
`Embedded Microcontroller,” and Whose inventor is Dale E.
`Gulick.
`This application is also a continuation-in-part of US.
`patent application Ser. No. 10/005,648, ?led on Dec. 3,
`2001, entitled, “Embedded Processor Supporting Both ACPI
`and ASF Operations,” and Whose inventor is Dale E. Gulick.
`This application is also a continuation-in-part of US.
`patent application Ser. No. 10/066,879, ?led on Feb. 4, 2002,
`entitled, “ASF State Determination using Chipset-Resident
`Watchdog Timer,” and Whose inventor is Dale E. Gulick.
`This application is also a continuation-in-part of US.
`patent application Ser. No. 10/067,175, ?led on Feb. 4, 2002,
`entitled, “HardWare Interlock Mechanism Using a Watchdog
`Timer,” and Whose inventor is Dale E. Gulick.
`
`BACKGROUND OF THE INVENTION
`
`1. Field of the Invention
`This invention relates generally to computing systems,
`and, more particularly, to a system and method for prevent
`ing unWanted system state changes using a security timer,
`such as in a personal computer system.
`2. Description of the Related Art
`FIG. 1A illustrates an exemplary computer system 100.
`The computer system 100 includes a processor 102, a north
`bridge 104, memory 106, Advanced Graphics Port (AGP)
`device 108, a netWork interface card (N IC) 109, a Peripheral
`Component Interconnect (PCI) bus 110, a PCI connector
`111, a south bridge 112, a battery 113, an AT Attachment
`(ATA) interface 114 (more commonly knoWn as an Inte
`grated Drive Electronics (IDE) interface), an SMBus 115, a
`universal serial bus (U SB) interface 116, a LoW Pin Count
`(LPC) bus 118, an input/output controller chip (SuperI/OTM)
`120, and BIOS memory 122. It is noted that the north bridge
`104 and the south bridge 112 may include only a single chip
`or a plurality of chips, leading to the collective term
`“chipset.” It is also noted that other buses, devices, and/or
`subsystems may be included in the computer system 100 as
`desired, e.g. caches, modems, parallel or serial interfaces,
`SCSI interfaces, etc.
`The processor 102 is coupled to the north bridge 104. The
`north bridge 104 provides an interface betWeen the proces
`sor 102, the memory 106, the AGP device 108, and the PCI
`bus 110. The south bridge 112 provides an interface betWeen
`the PCI bus 110 and the peripherals, devices, and sub
`systems coupled to the IDE interface 114, the SMBus 115,
`the USB interface 116, and the LPC bus 118. The battery 113
`is shoWn coupled to the south bridge 112. The Super I/OTM
`chip 120 is coupled to the LPC bus 118.
`The north bridge 104 provides communications access
`betWeen and/or among the processor 102, memory 106, the
`AGP device 108, devices coupled to the PCI bus 110, and
`devices and subsystems coupled to the south bridge 112.
`Typically, removable peripheral devices are inserted into
`PCI “slots,” shoWn here as the PCI connector 111, that
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`connect to the PCI bus 110 to couple to the computer system
`100. Alternatively, devices located on a motherboard may be
`directly connected to the PCI bus 110. The SMBus 115 may
`be “integrated” With the PCI bus 110 by using pins in the PCI
`connector 111 for a portion of the SMBus 115 connections.
`The south bridge 112 provides an interface betWeen the
`PCI bus 110 and various devices and subsystems, such as a
`modem, a printer, keyboard, mouse, etc., Which are gener
`ally coupled to the computer system 100 through the LPC
`bus 118, or one of its predecessors, such as an X-bus or an
`Industry Standard Architecture (ISA) bus. The south bridge
`112 includes logic used to interface the devices to the rest of
`computer system 100 through the IDE interface 114, the
`USB interface 116, and the LPC bus 118. The south bridge
`112 also includes the logic to interface With devices through
`the SMBus 115, an extension of the tWo-Wire inter-IC bus
`protocol.
`FIG. 1B illustrates certain aspects of the south bridge 112,
`including reserve poWer by the battery 113, so-called “being
`inside the RTC (real time clock) battery Well” 125. The south
`bridge 112 includes south bridge (SB) RAM 126 and a clock
`circuit 128, both inside the RTC battery Well 125. The SB
`RAM 126 includes CMOS RAM 126A and RTC RAM
`126B. The RTC RAM 126B includes clock data 129 and
`checksum data 127. The south bridge 112 also includes,
`outside the RTC battery Well 125, a CPU interface 132,
`poWer and system management units 133, and various bus
`interface logic circuits 134.
`Time and date data from the clock circuit 128 are stored
`as the clock data 129 in the RTC RAM 126B. The checksum
`data 127 in the RTC RAM 126B may be calculated based on
`the CMOS RAM 126A data and stored by BIOS during the
`boot process, such as is described beloW, e.g. block 148,
`With respect to FIG. 2. The CPU interface 132 may include
`interrupt signal controllers and processor signal controllers.
`FIG. 1C illustrates a prior art remote management con
`?guration for the computer system 100. A motherboard 101
`provides structural and base electrical support for the south
`bridge 112, the PCI bus 110, the PCI connector 111, the
`SMBus 115, and sensors 103A and 103B. The NIC 109, a
`removable add-in card, couples to the motherboard 101, the
`PCI bus 110, and the SMBus 115 through the PCI connector
`111. The NIC 109 includes an Ethernet controller 105 and an
`ASF microcontroller 107. The Ethernet controller 105 com
`municates With a remote management server 90, passing
`management data and commands betWeen the ASF micro
`controller 107 and the remote management server 90. The
`remote management server 90 is external to the computer
`system 100
`An industry standard speci?cation, generally referred to
`as the Alert Standard Format (ASF) Speci?cation, de?nes
`one approach to “system manageability” using the remote
`management server 90. The ASF Speci?cation de?nes
`remote control and alerting interfaces capable of operating
`When an operating system of a client system, such as the
`computer system 100, is not functioning. Generally, the
`remote management server 90 is con?gured to monitor and
`control one or more client systems. Typical operations of the
`ASF alerting interfaces include transmitting alert messages
`from a client to the remote management server 90, sending
`remote control commands from the remote management
`server 90 to the client(s) and responses from the client(s) to
`the remote management server 90, determining and trans
`mitting to the remote management server 90 the client
`speci?c con?gurations and assets, and con?guring and con
`trolling the client(s) by interacting With the operating system
`(s) of the client(s). In addition, the remote management
`
`Lenovo
`Ex. 1038 - Page 17
`
`

`

`US 7,263,7l6 B1
`
`3
`server 90 communicates with the ASF NIC 109 and the
`client(s)’ ASF NIC 109 communicates with local client
`sensors 103 and the local client host processor.
`When the client has an ACPI-aware operating system
`functioning, con?guration software for the ASF NIC 109
`runs during a “one good boot” to store certain ASF, ACPI
`(Advanced Con?guration and Power Interface), and client
`con?guration data.
`The transmission protocol in ASP for sending alerts from
`the client to the remote management server 90 is the
`Platform Event Trap (PET). A PET frame consists of a
`plurality of ?elds, including GUID (globally unique identi
`?er), sequence number, time, source of PET frame at the
`client, event type code, event level, sensor device that
`caused the alert, event data, and ID ?elds.
`Many events may cause an alert to be sent. The events
`may include temperature value over or under a set-point,
`voltage value over or under a set-point, fan actual or
`predicted failure, fan speed over or under a set-point, and
`physical computer system intrusion. System operation errors
`may also be alerts, such as memory errors, data device
`errors, data controller errors, CPU electrical characteristic
`mismatches, etc. Alerts may also correspond to BIOS or
`?rmware progression during booting or initialiZation of any
`part of the client. Operating system (OS) events may also
`generate alerts, such as OS boot failure or OS timeouts. The
`ASF Speci?cation provides for a “heartbeat” alert with a
`programmable period typically one minute but not to exceed
`10 minutes, when the client does not send out the heartbeat,
`or “I am still here,” message.
`Client control functions are implemented through a
`remote management and control protocol (RCMP) that is a
`user datagram protocol (UDP) based protocol. RCMP is
`used when the client is not running the operating system.
`RCMP packets are exchanged during reset, power-up, and
`power-down cycles, each having a different message type.
`The remote management server 90 determines the ASF
`RCMP capabilities of the client(s) by a handshake protocol
`using a presence-ping-request that is acknowledged by the
`client(s) and followed-up with a presence-pong that indi
`cates the ASF version being used. The remote management
`server 90 then sends a request to the client to indicate the
`con?guration of the client, which the client acknowledges
`and follows with a message giving the con?guration of the
`client as stored in non-volatile memory during the “one good
`boot.” The RCMP packets include a contents ?eld, a type
`?eld, an offset ?eld, and a value ?eld.
`RCMP message transactions involve a request from the
`remote management server 90, a timed wait for an acknowl
`edgement followed by a second timed wait for a response.
`If either of the time limits for the acknowledgement or the
`response is exceeded, then the remote management server 90
`knows that either the client needs some of the packets resent
`or the client has lost contact due to failure of either the client
`or the communications link.
`The ASF NIC 109 must be able to report its IP (Internet
`protocol) address (or equivalent) without the intervention of
`the operating system. Thus, the ASF NIC 109 must be able
`to receive and reply to ARP (Address Resolution Protocol)
`requests with the operating system, not interfere with ARP
`packets when the operating system is running, and wake-up
`for ARP packets when con?gured to do so. Note that ACPI
`includes waking-up for ARP packets as a standard con?gu
`ration.
`The following information is sent to the remote manage
`ment server 90 from the client as an indication of the
`con?guration of the client: an ACPI description table iden
`
`50
`
`55
`
`60
`
`65
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`4
`tifying sensors and their characteristics, ASF capabilities
`and system type for PET messages, and the client’s support
`for RMCP and the last RCMP command; how the client
`con?gures an optional operating system boot hang watchdog
`timer; and the SMBIOS identi?cation of the UUID/GUID
`for PET messages. ASF objects follow the ASL (ACPI
`Software Language) naming convention of ACPI.
`In FIG. 2, a ?owchart of a conventional method of
`initialiZing a computer system using code stored in the BIOS
`122 is shown. During initialization of the power supply, the
`power supply generates a power good signal to the north
`bridge 104, in block 136. Upon receiving the power good
`signal from the power supply, the south bridge 112 (or north
`bridge 104) stops asserting the reset signal for the processor
`102, in block 138.
`During initialization, the processor 102 reads a default
`jump location, in block 140. The default jump location in
`memory is usually at a location such as FFFFOh. The
`processor 102 performs a jump to the appropriate BIOS code
`location (eg FFFFOh) in the ROM BIOS 122, copies the
`BIOS code to the RAM memory 106, and begins processing
`the BIOS code instructions from the RAM memory 106, in
`block 142. The BIOS code, processed by the processor 102,
`performs a power-on self test (POST), in block 144.
`The BIOS code next looks for additional BIOS code, such
`as from a video controller, IDE controller, SCSI controller,
`etc. and displays a start-up information screen, in block 146.
`As examples, the video controller BIOS is often found at
`C000h, while the IDE controller BIOS code is often found
`at C800h. The BIOS code may perform additional system
`tests, such as a RAM memory count-up test, and a system
`inventory, including identifying COM (serial) and LPT
`(parallel) ports, in block 148. The additional system tests
`may include ASF, ACPI, and Ethernet initialiZations, includ
`ing initiating a communications link with the remote man
`agement server 90. The BIOS code also identi?es plug-and
`play devices and other similar devices and then displays a
`summary screen of devices identi?ed, in block 150.
`The BIOS code identi?es the boot location, and the
`corresponding boot sector, in block 152. The boot location
`may be on a ?oppy drive, a hard drive, a CDROM, a remote
`location, etc. The BIOS code next calls the boot sector code
`at the boot location to boot the computer system, such as
`with an operating system, in block 154.
`It is noted that for a cold boot or a hard (re)boot, all or
`most of the descriptions given in blocks 136-154 may occur.
`During a warm boot or a soft (re)boot the BIOS code usually
`jumps from block 142 into block 148, skipping the POST,
`memory tests, etc.
`Remote management techniques such as ASF are predi
`cated on the NIC 109 being installed for “one good boot” of
`the operating system so that initialiZation of the remote
`management hardware and/ or ?rmware can be supervised by
`the operating system. Improvements in remote management
`for personal computers may speed the initialiZation of
`remote management hardware and/or ?rmware and may
`lessen the dependence on the operating system. A computer
`system 100 with a long boot time slows productivity and, at
`a minimum, irritates users. It would be desirable to shorten
`boot times if possible, and to avoid unnecessary reboots.
`
`SUMMARY OF THE INVENTION
`
`In one aspect of the present invention, a method of
`operating a computer system is disclosed. The method
`includes receiving a request for a system action and initiat
`ing a timer. The method also includes generating an autho
`
`Lenovo
`Ex. 1038 - Page 18
`
`

`

`US 7,263,716 B1
`
`5
`rization request for the system action and evaluating a result
`of the authorization request for the system action if received
`before an expiration of the timer. The method also includes
`granting the request for the system action if the expiration of
`the timer occurs before the result of the authorization request
`for the system action is received.
`In another aspect of the present invention, another method
`of operating a computer system is disclosed. This method
`includes the steps of receiving a request for a system action
`and initiating a timer. The method also includes the steps of
`generating an authorization request for the system action and
`evaluating a result of the authorization request for the
`system action if received before an expiration of the timer.
`The method also includes the step of granting the request for
`the system action if the expiration of the timer occurs before
`the result of the authorization request for the system action
`is received.
`In still another aspect of the present invention, a computer
`readable medium encoded with instructions that, when
`executed by a computer system, performs a method for
`operating the computer system is disclosed. The method
`includes receiving a request for a system action and initiat
`ing a timer. The method also includes generating an autho
`rization request for the system action and evaluating a result
`of the authorization request for the system action if received
`before an expiration of the timer. The method also includes
`granting the request for the system action if the expiration of
`the timer occurs before the result of the authorization request
`for the system action is received.
`In yet another aspect of the present invention, a computer
`system is disclosed. The computer system includes a timer,
`an SMI request register, and a processor. The processor is
`coupled to the timer and coupled to the SMI request register.
`The processor is con?gured to receive an authorization
`request for a system action. The processor is further con
`?gured to initialize the timer in response to receiving the
`authorization request for the system action.
`In still another aspect of the present invention, another
`computer system is disclosed. This computer system
`includes a timing means, an SMI request means, and a
`processing means. The processing means is coupled to the
`timing means and coupled to the SMI request means. The
`processing means is con?gured to receive an authorization
`request for a system action. The processing means is further
`con?gured to initialize the timing means in response to
`receiving the authorization request for the system action.
`In still yet another aspect of the present invention, another
`computer system is disclosed. This computer system
`includes means for receiving a request for a system action
`and means for initiating a timer. The computer system also
`includes means for generating an authorization request for
`the system action and means for evaluating a result of the
`authorization request for the system action if received before
`an expiration of the timer. The computer system also
`includes means for granting the request for the system action
`if the expiration of the timer occurs before the result of the
`authorization request for the system action is received.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`The invention may be understood by reference to the
`following description taken in conjunction with the accom
`panying drawings, in which like reference numerals identify
`similar elements, and in which:
`FIG. 1Aillustrates a block diagram of a prior art computer
`system;
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`6
`FIG. 1B illustrates a block diagram of a prior art south
`bridge; and
`FIG. 1C illustrates a prior art remote management
`arrangement;
`FIG. 2 illustrates a ?owchart of a prior art method for
`booting a computer system using code stored in ROM;
`FIGS. 3A and 3B illustrate block diagrams of embodi
`ments of computer systems having remote management
`arrangements, according to various aspects of the present
`invention;
`FIG. 4 illustrates a block diagram of an embodiment of an
`ASP south bridge including integrated ASF, ACPI, and/or
`Ethernet capabilities, according to various aspects of the
`present invention;
`FIG. 5 illustrates a block diagram of an embodiments of
`the ASF south bridge including ASF registers in the RTC
`battery well of the ASF south bridge, according to various
`aspects of the present invention;
`FIG. 6 illustrates a ?owchart an embodiment of a method
`for booting a computer system including the ASF south
`bridge of FIG. 4, according to one aspect of the present
`invention;
`FIGS. 7A and 7B illustrate ?owcharts of embodiments of
`methods for operating a computer system including the ASF
`south bridge of FIG. 4, according to various aspects of the
`present invention;
`FIGS. 8A and 8B illustrate ?owcharts of embodiments of
`methods for determining system state upon an expiration of
`a watchdog timer, according to various aspects of the present
`invention;
`FIG. 9 illustrates a ?owchart of an embodiment of a
`method for evaluating requests for system resets, according
`to one aspect of the present invention;
`FIGS. 10 and 11 illustrate embodiments of functional
`parts of the ASF south bridge, according to various aspects
`of the present invention; and
`FIG. 12 illustrates a ?owchart of an embodiment of a
`method for verifying RCMP requests, according to one
`aspect of the present invention.
`While the invention is susceptible to various modi?ca
`tions and alternative forms, speci?c embodiments thereof
`have been shown by way of example in the drawings and are
`herein described in detail. It should be understood, however,
`that the description herein of speci?c embodiments is not
`intended to limit the invention to the particular forms
`disclosed, but on the contrary, the intention is to cover all
`modi?cations, equivalents, and alternatives falling within
`the spirit and scope of the invention as de?ned by the
`appended claims.
`
`DETAILED DESCRIPTION OF SPECIFIC
`EMBODIMENTS
`
`Illustrative embodiments of the invention are described
`below. In the interest of clarity, not all features of an actual
`implementation are described in this speci?cation. It will, of
`course, be appreciated that in the development of any such
`actual embodiment, numerous implementation-speci?c
`decisions must be made to achieve the developers’ speci?c
`goals, such as compliance with system-related and business
`related constraints, which will vary from one implementa
`tion to another. Moreover, it will be appreciated that such a
`development effort might be complex and time-consuming,
`but would nevertheless be a routine undertaking for those of
`ordinary skill in the art having the bene?t of this disclosure.
`The use of a letter in association with a reference number is
`
`Lenovo
`Ex. 1038 - Page 19
`
`

`

`US 7,263,716 B1
`
`7
`intended to show alternative embodiments or examples of
`the item to which the reference number is connected.
`The following co-pending US. patent applications are
`hereby incorporated by reference in their entireties, as if set
`forth fully herein:
`[LPC Extension Application] “Method And Apparatus For
`Extending Legacy Computer Systems”, US. patent appli
`cation Ser. No. 09/544,858, ?led on Apr. 7, 2000, whose
`inventor is Dale E. Gulick; and
`[Secure Execution Mode Applications] US. patent applica
`tion Ser. No. 09/ 852,372, entitled, “Secure Execution Box
`and Method,” ?led on May 10, 2001, whose inventors are
`Dale E. Gulick and Geoffrey S. Strongin;
`US. patent application Ser. No. 09/852,942, entitled, “Com
`puter System Architecture for En